Interface with my AP cuts out regularly



  • @mh13

    Why would pfSense do anything to shut down a switch port on a different device? How could it know what's out there? All it can see is a valid Ethernet signal connected to it. It could also be a failing AC adapter that causes this. You'll just have to try to eliminate things one at a time.



  • @mh13 said in Interface with my AP cuts out regularly:

    Why would access to the gateway, and therefore access to the Internet, go down on a regular basis?

    Maybe the switch is going or even the computer. Only testing and isolating will tell. Since you have problems pinging both the AP and router, then the problem is probably one of those 2 or maybe a cable. Try connecting the computer directly to the Netgate and see if it fails. Again, directly to the AP. However, cables are always a prime suspect for intermittent problems.



  • @JKnott I'm not sure what you mean about a switch port on a different device. I was wondering if my netgate device was seeing something that caused it to administratively shut down & then bring back up one of its own switch ports, like how a watchdog service will restart a service once it spots an issue



  • @mh13 said in Interface with my AP cuts out regularly:

    I'm not sure what you mean about a switch port on a different device.

    PfSense doesn't know what's out there. It just sees a valid Ethernet connection. The device could be anything, including a switch, computer, routers, AP, whatever. Since it doesn't know what's out there, there is nothing it could do to cause a port on that switch to shut down. There is no direct connection between ports on a switch, just the circuits that receive a frame on one port and forward it to another. There is no mechanism for one switch port to control another.


  • Netgate Administrator

    Yeah, pfSense does not shut down the switch ports like that. They can be set to stop forwarding or to a bad link type etc but that only happens when the switch is configured not in reaction to anything else. If it was you would see it on the internal port, mvneta1 if that's an SG-3100.
    Do you have just the Windows client connected via wifi to the AP and that to the pfSense switch port via the PoE injector?
    No other switches etc?

    Try putting a switch in between if you can. If the switch port logs stop, and nothing else is logged, in pfSense but you still lose connectivity it's something in the AP most likely.

    Steve



  • While I did not put a switch in between, as suggested, I do not have the same problem when this same AP is plugged in to a different brand router/firewall of mine. I just did this today. I was streaming a video that kept cutting out (looked like it was stopping & buffering a bunch of times but the netgate was giving me those "interface down"-type messages like I posted originally during those times). When I moved the AP over to my other brand firewall, the buffering look & cutting out stopped completely. It may be something about the AP, but it's got to be [at least also] something about the netgate that is more sensitive or something.


  • LAYER 8 Global Moderator

    Could be an issue with negotiations with the AP interface and the Nic.. What router did you plug it into? If some soho device prob just a switch port.

    What box is pfsense running on?


  • Netgate Administrator

    It's certainly not an issue I've seen on any of our switch port devices. Putting a switch in between would be a good test.
    If it is a link negotiation issue you could potentially set both sides to a fixed speed/duplex.

    Steve


  • LAYER 8 Global Moderator

    @stephenw10 said in Interface with my AP cuts out regularly:

    If it is a link negotiation issue you could potentially set both sides to a fixed speed/duplex.

    if you he wants to set to 100 or 10 sure, but that is not something you should ever do with a gig interface... Didn't we just go over that ;)


  • Netgate Administrator

    Yup, indeed. 😉 Hence I added potentially in there.

    Whilst you should not ever need to set fixed 1G, and you can I would argue it's an invalid setting, if both ends allow setting that you might as well try it. Assuming it i a link neg issue at all. Prove that first with a switch in between.



  • I put a switch in between, and now the issue has cleared up. Thanks for the suggestion. So @johnpoz or @stephenw10 why would one not set a fixed speed at 1000 for an interface? I can think of a time where I had to do that on a firewall that defaulted to 10000 so if you had a gig connection, you had to specify. Why under normal circumstances would someone not do that vs. being able to do it with 10/100? What am I missing? I've just not heard that line before



  • @mh13

    In general, the rule is to use auto-negotiate, unless you have a specific reason to lock the connection. One example is with fibre media converters, which only operate at 1 Gb. If you set one end to a fixed rate, then you must also set the other end the same way. Also, if you do that, make sure it's recorded or marked, so that someone doesn't just move the cable from one switch port to another and all of a sudden, a problem appears. Some places use different colour cables to identify special ones. However, auto-negotiate generally works as advertised, so just leave it at that.



  • @JKnott So is it mostly because it's an old school process, fixing a speed, and it was more done in the 10/100 days?


  • LAYER 8 Netgate

    All gigabit copper is autonegotiate. Period.

    You used to have to hard-set a port to match another hard-set port on the other end of the link or autonegotiate on one side only could mis-negotiate the correct speed/duplex. All 1000BaseT ports must have autonegotiate enabled.

    Leave it set at the default, usually autonegotiate. That is almost never the incorrect setting.

    Specifically setting autonegotiate can cause an extra ifconfig and a port down/up that results in a death spiral of each side going down/up in response to the other.



  • @mh13 said in Interface with my AP cuts out regularly:

    @JKnott So is it mostly because it's an old school process, fixing a speed, and it was more done in the 10/100 days?

    I don't ever recall it being old school process. I only recall it being done when necessary. One of the advantages of multiple speed switches is you didn't have to worry about what was connected to what port. You just plugged it in and it worked.



  • @Derelict said in Interface with my AP cuts out regularly:

    All gigabit copper is autonegotiate. Period.

    Not quite. I have worked with some fibre media converters, as I mentioned above, that were fixed at 1 Gb.


  • LAYER 8 Netgate

    I said copper


  • Netgate Administrator

    I forget what port speed settings you might have on a Unifi AP, if any. I doubt you want to have it connected at 100Mb so really the only thing you could do there is if it offers a fixed 1G speed, try it. Set the same in pfSense, you have nothing to lose.

    Just to be clear though I agree with what has been said here, Gigabit copper should always be auto negotiation otherwise.

    Steve



  • @Derelict said in Interface with my AP cuts out regularly:

    I said copper

    One side of those converters is copper.


  • LAYER 8 Netgate

    Right but it will be limited to "converting" the media on the other side, which 1Gbit fiber.

    Not the same thing.

    If you want the same thing, use a switch to "convert" from fiber to copper.


Log in to reply